TECH-R02 Cybersecurity Tips, Tools, and Techniques for ... · #RSAC SESSION ID: Ron Woerner, CISSP,...

Post on 02-Jul-2019

#RSAC

SESSION ID: TECH-R02

Cybersecurity Tips, Tools, and Techniques for Your Professional Toolbag

Ron Woerner, CISSP, CISM
Chief Security Advisor
RWX Security Solutions, LLC
@ronw123

Ron Woerner - BIO

– President / Chief Trusted Advisor
– Cybersecurity Instructor, Bellevue University
– 25+ years experience in IT / Security
– CISSP, CISM
– Blogger, podcaster & writer
– Given tons’o presentations on security and Internet safety

Thoughts are my own

Use at your own risk

Apologies in advance for broken links

Content as of January 2019

What the $%$# are we doing here?

Tools, applications, websites, references, and other stuff that can help you do your job.

Cybersecurity tips to keep yourself, others, and hopefully your company out of trouble.

The Easiest Hack

“The art and science of skillfully maneuvering humans to take an action that may or may not be in their own best interests.”
Chris Hadnagy, Social Engineering: The Science of Human Hacking

If you only remember 1 slide…

https://www.dhs.gov/see-something-say-something

https://www.stopthinkconnect.org/

https://www.lockdownyourlogin.com/

https://staysafeonline.org/

#1 Technical Tool

https://www.google.com/advanced_search

Time Travel

Google Cache

Archive.org – Wayback Machine

Lists of tools, tips, & tricks

– SecTools
– Tools Watch – Top Security Tools
– OlderGeeks
– HowToGeek.com, Geek School

Security Checklists / Publications

NIST
– CSRC: http://csrc.nist.gov/
– Publications: http://csrc.nist.gov/publications/PubsSPs.html

Center for Internet Security
– Controls: https://www.cisecurity.org/controls/
– Benchmarks: https://www.cisecurity.org/cis-benchmarks/
– CIS Controls Self-Assessment Tool, or CIS CSAT

DISA IASE Security Technical Implementation Guides (STIGs): https://iase.disa.mil/stigs/Pages/index.aspx

U.S. Cyber Consequences Unit (US-CCU) Cyber Security Matrix

Cheat Sheets

Peerlyst – Complete List of InfoSec Cheat Sheets

Lenny Zeltser – IT and Information Security Cheat Sheets: https://zeltser.com/cheat-sheets/

Malware Archaeology (Auditing) – https://www.malwarearchaeology.com/cheat-sheets/

OWASP – https://www.owasp.org/index.php/OWASP_Cheat_Sheet_Series

System Inventory & Automation

“Asset management isn’t sexy. Penetration testing and red team and analysis gets all the job reqs, because it’s far more flashy. Effective security is boring.”
Nathan W Burke

Center for Internet Security
CSC Basic Controls

1. Inventory and Control of Hardware Assets
2. Inventory and Control of Software Assets

Network Mapping

Nmap / ZenMap

Network Mapping

Fing (iOS & Android)

Network Enumeration

Shodan (https://www.shodan.io/) – Search engine for Internet-connected devices.

Network Enumeration

Censys (https://www.censys.io/) – Find and analyze every reachable server and device on the Internet.

Network Vulnerability Detection

https://www.ssllabs.com/

Network Vulnerability Detection

Titania Nipper Studio: https://www.titania.com/products/nipper-studio

SolarWinds: https://www.solarwinds.com/downloads
– Firewall Browser
– Network Configuration Manager
– IP Address Manager

Firewall Audit Tool: https://www.wallparse.com/

Windows Administration
SysInternals Suite

– Autoruns
– Process Explorer
– Process Monitor

Video: Mark Russinovich, Malware Hunting

Windows Administration
GodMode

Create a new folder, rename it to the following, and then press Enter:
– GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}

When done, you should have an icon on your desktop.

Windows Administration
Windows Update Agent (WUA)

Using WUA to Scan for Updates Offline, which includes a sample .vbs script. For a PowerShell alternative, see Using WUA to Scan for Updates Offline with PowerShell.

Replaces MBSA

PowerShell
– Using Windows PowerShell
– PowerShell.exe Command-Line Help

Linux on Windows

Windows Subsystem for Linux
https://docs.microsoft.com/en-us/windows/wsl/about

Run bash.exe
HTG Article: https://www.howtogeek.com/270810/how-to-quickly-launch-a-bash-shell-from-windows-10s-file-explorer/

Patching & Updating

Ninite (https://ninite.com/)

Patching & Updating

BatchPatch https://batchpatch.com/

Chocolatey https://chocolatey.org/

Network Evaluation / Troubleshooting

Introduction video

TcpDump

Linux Distros

https://livecdlist.com/

https://distrowatch.com/

Linux / Unix Security

Hardening Linux Systems - https://www.beyondtrust.com/blog/harden-unix-linux-systems-close-security-gaps/

Linode’s Getting Started with SELinux Guide

The Geek Stuff

Security / Pen Testing Distros

Kali https://www.kali.org/downloads/

Parrot Security OS https://www.parrotsec.org/download-security.php

Tails https://tails.boum.org/

Pen Testing Framework

https://www.metasploit.com/

https://www.offensive-security.com/metasploit-unleashed/requirements/

Social Engineering

IntelTechniques (OSINT) – https://inteltechniques.com/menu.html

Maltego – https://www.paterva.com/

Cree.py – Geolocation Information Aggregator, http://www.geocreepy.com/

Peek You - www.peekyou.com

Social Engineering Toolkit (SET)
https://www.trustedsec.com/social-engineer-toolkit-set/

Security Testing

OWASP Zed Attack Proxy (ZAP)

PortSwigger Burp Suite

Vega

Netsparker

GuardiCore Infection Monkey

Personal Security – Password Vaults

– LastPass
– KeePass
– LogMeOnce
– 1Password
– RoboForm
– Dashlane

Personal Security – Encryption

7-Zip

AES Crypt

VeraCrypt

Security Awareness

https://staysafeonline.org/ncsam/

Security Books

https://cybercanon.paloaltonetworks.com/

Help add to the list

“Apply Slide”

Immediate:
– Pick 1 or 2 tools / techniques
– Play / Try it out / Experiment

Next 4-6 Weeks (rinse and repeat in 3 & 6 mos):
– Review this slide deck
– Pick more tools (3-5)
– Experiment with tools in a virtual environment
– Review the awareness websites

Cybersecurity Tips, Tools, & Techniques

Ron Woerner, CISSP, CISM
ron.woerner @ rwxsecurity.com
Twitter: @ronw123